[rsbac] About ACCESS_CONTROL and SUPERVISOR rights
Javier J. Martínez Cabezón
tazok.id0 at gmail.com
Sat Jan 10 18:54:59 CET 2009
Hi I only need confirmation about one concept. If I didn't
missunderstand the concept:
If I have one rol named gerency_r that admin the roles Technician_r,
nurses_r and Doctor_r, Technician_r has write_only rights to
patient_data_t type, Doctor_r has read-write access granted to it and
nurses_r only read-only.
If secoff grants ACCESS_CONTROL right to patient_data to rol
gerency_r then gerency_r could add or remove standard DAC rights
access to all data from this type involving this three roles isn't it?
If secoff grants SUPERVISOR right to patient_data type to rol
gerency_r then gerency_r could add or remove any RSBAC rights access
to this type involving this three roles. Is this correct?
More information about the rsbac
mailing list